jammsession

joined 1 year ago
[–] jammsession@alien.top 1 points 1 year ago (1 children)

Why would you leave PermitRootLogin to yes? Doesn’t really matter, if root ca nit login anyways?!

Just like you don't really need UFW, not really harmful and for piece of mind :)

But to be honest, I am no expert either. I look at your config and think, just leave everything at default besides these twos:

PubkeyAuthentication yes PasswordAuthentication no

Things like

MaxAuthTries 3

don't matter for public key auth.

[–] jammsession@alien.top 1 points 1 year ago (3 children)

PermitRootLogin I would set to yes.

sudo systemctl restart ssh will only restart your ssh client and not the ssh server you try to restart. Use sshd insted.

I personally find it easier to use no root during setup and import my ssh keys from github using ssh-import-id.

UFW doesn't harm, but if the host is on your Proxmox Hypervisor, it is probably behind a deny all incoming firewall anyway. That is also why I would leave IPv6 on.

Like other have noted, Crowdsec is a little bit more complex to setup but also offers more features. As a side note, Fail2ban is unfortunatly not IPv6 ready.

 

In the last few months, I saw a lot of posts about people thinking if they wanna make the switch from NextCloud to OwnCloud Infinite Scale. That is why I gave it a try. In the end, the important differences for me personally were different than expected.

GO instead of PHP, better performance, less clutter, focus on files not collab. All sounded very nice. I also have one very personal gripe with Nextcloud that most people probably find unimportant, the subscriber-exclusive documentation.

Anyway, I personally found two very important differences for me and probably a lot of people at /r/selfhostet.

How data is internally stored:

For Nextcloud this is easy. User folders with the data and a trashcan. For OCIS it is random unique identifiers. This is huge for me! For Nextcloud I can restore snapshots and S3 data without any hassle. It is also very easy to sanity-check my backups. I don't have the same confidence in OCIS.

Age of the project and community size:

OCIS is still pretty new. Documentation can be a little bit on the light side because of that and is more directed to people who are pros, assuming some deeper knowledge from the reader. The community is pretty small and mostly still on classic OwnCloud.

My conclusion:

As an organization that has a support contract with OwnCloud, I would go for OCIS. As a home and self-hosting user, the way data is stored makes me stay on Nextcloud.